Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-24 19:30:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
wekan/packages/markdown/src/template-integration.js
chrisi51 42994efa9d
Added real autolinking and simpler adding of new url schemes 
to add additional URL Schemes just put your scheme to urlschemes
2021-03-04 16:30:06 +01:00

71 lines
2.2 KiB
JavaScript
Executable file
Raw Blame History

import sanitizeXss from 'xss';
var Markdown = require('markdown-it')({
html: true,
linkify: true,
typographer: true,
breaks: true,
});
// Static URL Scheme Listing
var urlschemes = [
"aodroplink",
"thunderlink",
"cbthunderlink",
"onenote",
"file",
"abasurl",
"conisio",
"mailspring"
];
// Better would be a field in the admin backend to set this dynamically
// instead of putting all known or wanted url schemes here hard into code
// but i was not able to access those settings
// var urlschemes = currentSetting.automaticLinkedUrlSchemes.split('\n');
// put all url schemes into the linkify configuration to automatically make it clickable
for(var i=0; i<urlschemes.length;i++){
//console.log("adding autolink for "+urlschemes[i]);
Markdown.linkify.add(urlschemes[i]+":",'http:');
}
// Additional safeAttrValue function to allow for other specific protocols
// See https://github.com/leizongmin/js-xss/issues/52#issuecomment-241354114
function mySafeAttrValue(tag, name, value, cssFilter) {
// only when the tag is 'a' and attribute is 'href'
// then use your custom function
if (tag === 'a' && name === 'href') {
// only filter the value if starts with an registered url scheme
urlscheme = value.split(/:\/\//);
//console.log("validating "+urlscheme[0]);
if(urlschemes.includes(urlscheme[0])) return value;
else {
// use the default safeAttrValue function to process all non cbthunderlinks
return sanitizeXss.safeAttrValue(tag, name, value, cssFilter);
}
} else {
// use the default safeAttrValue function to process it
return sanitizeXss.safeAttrValue(tag, name, value, cssFilter);
}
};
var emoji = require('markdown-it-emoji');
Markdown.use(emoji);
if (Package.ui) {
const Template = Package.templating.Template;
const UI = Package.ui.UI;
const HTML = Package.htmljs.HTML;
const Blaze = Package.blaze.Blaze; // implied by `ui`
UI.registerHelper('markdown', new Template('markdown', function () {
const self = this;
let text = '';
if (self.templateContentBlock) {
text = Blaze._toText(self.templateContentBlock, HTML.TEXTMODE.STRING);
}
return HTML.Raw(sanitizeXss(Markdown.render(text), { safeAttrValue: mySafeAttrValue }));
}));
}
Reference in a new issue View git blame Copy permalink